Send us fan mail!

Hello to all our Cyber Panda Bears! In this extra-packed episode of Discarded, host Selena Larson and guest host, Sarah Sabotka reunite with Staff Threat Researcher Mark Kelly to dive deep into China-aligned espionage activity—this time with a focus on Taiwan’s semiconductor ecosystem and the strange, stealthy tools threat actors are using to get in.

Mark walks us through Proofpoint’s latest research on custom malware (yes, “Voldemort” is back), threat clusters with pun-filled names like UNK_SparkyCarp and UNK_DropPitch, and why Taiwan’s chip industry has become such a hot target. From design and manufacturing to financial analysts and supply chains, Chinese state-aligned actors are getting more creative—and more persistent.

We also unpack:

•  The “Phish & Chips” campaign and how it fits into China’s broader geopolitical strategy
  
  
  
•  Why pop culture references like Voldemort and Mr. Robot keep showing up in espionage infrastructure
  
  
  
• Attribution headaches, including Proofpoint’s tracking of multiple unattributed threat clusters with UNK designators
  
  
  
•  How AI, LLMs, and adversary-in-the-middle phishing are influencing espionage tactics
  
  
  
•  The use of RMM tools and spoofed MacOS folders for stealth
  
  
  
•  Why basic backdoors are making a strategic comeback
  
  
  
•  A threat intel team’s deep love for vegetables, puns, and report titles
  
  
  

Whether you're tracking state-sponsored cyber activity, curious about weird malware names, or just here for the expert banter, this episode has you covered.

Resources Mentioned:

Phish & Chips: Chinese Espionage Activity Targeting Taiwan's Semiconductor Ecosystem

For more information about Proofpoint, check out our website.

Subscribe & Follow:

Stay ahead of emerging threats, and subscribe! Happy hunting!